ITPro reports that the attack involved around 162,000 WordPress sites and was carried out using sites that have pingbacks or trackbacks enabled, something that is automatically switched on when a site is created.

The problem only surfaced when a site went down due to the unusually large number of access requests that it received causing the site's host to shut the site due to the server being completely overloaded. The site’s owner then contacted Securi Research in order to put a stop to the attack in order for the site to go back online, which is when the true cause of the ambush was discovered.

"Once the DNS was ported we were able to see what was going on, it was a large HTTP-based (layer 7) distributed flood attack, sending hundreds of requests per second to their server. All queries had a random value (like "?4137049=643182?) that bypassed their cache and force a full page reload every single time,” said Securi’s CTO Daniel Cid, according to ITPro.

WordPress site owners that think their site has been affected can prevent future attacks by inserting the following piece of code:

In addition to inserting that piece of code, any site that suspects it has been attacked can check its URL against a list of logs on Securi’s page that will tell website owners whether the site has in fact been hacked.

So far it’s unclear how many sites the attack managed to take offline and it comes little over a month after CloudFlare admitted that the largest DDoS attack ever to take place on a European network was a sign of “ugly things to come”.